OT:ICEFALL – A Year-long Dive into Insecure-by-Design Practices and Patching

Logo
Presented by

Daniel dos Santos, Head of Security Research, Forescout Research - Vedere Labs

About this talk

For more than two years, Forescout Research - Vedere Labs has been finding, disclosing, and helping to detect and fix critical vulnerabilities that can be used by attackers to take control of IT, IoT and OT devices. Project Memoria revealed a host of problems with TCP/IP stack implementations, while OT:ICEFALL highlighted the insecure-by-design nature of OT equipment. On June 20, we concluded OT:ICEFALL after more than one year of research. In this webinar, we will share the insights we have gained into the current state of OT product security and how that affects vulnerability management for asset owners. We will discuss why many device vendors still lack a fundamental understanding of basic security controls, why many OT patches are broken and lead to new vulnerabilities and how threat actors can leverage the current situation in their attacks. Learn what insecure by design vulnerabilities mean for asset owners and, most importantly, how to assess and mitigate risk. Speaker: Daniel dos Santos, Head of Security Research, Forescout Research - Vedere Labs
Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (53)
Subscribers (16940)
Forescout Technologies is the leader in device visibility and control. Our unified security platform enables enterprises and government agencies to gain complete situational awareness of their extended enterprise environments and orchestrate actions to reduce cyber and operational risk. Learn more about our products, hear about new cybersecurity trends and see how Forescout helps you address these.